
Re: Getting IMAP to work with OpenLDAP



Martin
<snip>


cyrus does not use imap. It is not designed to do that. cyrus uses sasl to authenticate and sasl can be configured to use pam or ldap.

It does at least that is what it says..

http://www.linuxgeek.net/ispman/x331.html

Check this out it can be done..



<snip>

that has nothing to do with authentication. this is the regular check stuff cyrus does on every startup. cyrus uses databases internally to store the header of the emails and the users information. These databases are not present or the permissions on /var/lib/imap and the subfolders have the wrong permissions (must be writable and readable to the cyrus user).

But what did I do I only installed the RPM from the distro.. I now changed the permissions to 770 for Imap.. The other errors went away.... Now more errors..

Do I need to create users for IMAP now or what ??

All the users are normal unix box users...

See this log below-----------------------

Apr 11 12:28:57 lancer ctl_cyrusdb[27553]: done recovering cyrus databases
Apr 11 12:28:57 lancer master[27552]: ready for work
Apr 11 12:28:57 lancer master[27554]: about to exec /usr/lib/cyrus/bin/ctl_cyrusdb
Apr 11 12:28:57 lancer master[27555]: about to exec /usr/lib/cyrus/bin/ctl_deliver
Apr 11 12:28:57 lancer master[27556]: about to exec /usr/lib/cyrus/bin/tls_prune
Apr 11 12:28:57 lancer ctl_cyrusdb[27554]: checkpointing cyrus databases
Apr 11 12:28:57 lancer ctl_cyrusdb[27554]: DBERROR: error listing log files: DB_NOTFOUND: No matching key/data pair found
Apr 11 12:28:57 lancer ctl_cyrusdb[27554]: DBERROR: archive /var/lib/imap/db: cyrusdb error
Apr 11 12:28:57 lancer ctl_cyrusdb[27554]: archiving database file: /var/lib/imap/mailboxes.db
Apr 11 12:28:58 lancer ctl_cyrusdb[27554]: done checkpointing cyrus databases
Apr 11 12:28:58 lancer master[27552]: process 27554 exited, status 0
Apr 11 12:28:58 lancer ctl_deliver[27555]: DBERROR db4: 4 lockers
Apr 11 12:28:58 lancer ctl_deliver[27555]: duplicate_prune: pruning back 3 days
Apr 11 12:28:58 lancer ctl_deliver[27555]: duplicate_prune: purged 0 out of 0 entries
Apr 11 12:28:58 lancer master[27552]: process 27555 exited, status 0
Apr 11 12:28:59 lancer tls_prune[27556]: tls_prune: purged 0 out of 0 entries
Apr 11 12:28:59 lancer master[27552]: process 27556 exited, status 0






Matthew Schumacher wrote:

Vishal,

There are a couple of things that need to happen to make imap/pam/ldap
work:

First you need to install the pam modules, then you install nss_ldap and
pam_ldap.  Pam_ldap authenticates the user and nss_ldap resolves the
user for local files and processes and such.  Once these packages are
installed you need to configure your /etc/ldap.conf to tell these
packages how to connect to your directory then you need to edit your
/etc/nsswitch.conf to cause the libc libraries to become ldap aware
through the nss_ldap module.

Once you do those things you should be able to chown a file to a ldap
user.  If you can't do that then either your /etc/ldap.conf,
/etc/nsswitch.conf, or user record in ldap has a problem.

Once you get past the chown test now compile imap with pam support.
And create a /etc/pam.d/imap file and put this in it:

auth       sufficient   /lib/security/pam_ldap.so
account    sufficient   /lib/security/pam_ldap.so

That should be it, it should just work now.

schu


??????? 10 ?????? 2003 14:06, Vishal Khanna ???????:

Hi All,
I have basic problems in getting LDAP to work with IMAP.

What I want to do
------------------
I want to authenticate my MAIL(IMAP) users on Linux box from the LDAP
server running on another server

a. Is it possible ?
b. If yes then how ?

Any help would be really appreciated, I have done the hunting on the
web

The packages I use are (RPMS on 2.4.19 Kernel)
IMAP
-----
imap-2001a-142
imap-lib-2001a-142

LDAP
openldap2-client-2.1.4-26
yast2-ldap-client-2.6.5-66
nss_ldap-199-31
openldap2-2.1.4-26
pam_ldap-150-57
tclldap-1.1.1-693
perl-ldap-0.251-20
perl-ldap-ssl-0.251-20

I did what was mentioned of changing the settings in /etc/nsswitch.conf
Changed the entries in /etc/pam.d/imap to

auth           required      pam_ldap.so
account        required        pam_ldap.so

No matter what I do I cannot get it to work. My openLDAP software works
perfectly fine otherwise.

Cheers
Vishal




--
-------------------------------------------------------------------------------
Disparate Needs ------ One Solution --- INETBOX
Ampersand Info-Tech Pvt.Ltd      phone  +91 (0)11 / 2693 3118
New Delhi -- Munich              fax    +91 (0)11 / 2632 2980
http://www.aitpl.com
Linux - Solaris - Windows - Software Application Partners
-------------------------------------------------------------------------------
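
The setup steps listed in the thread (ldap in /etc/nsswitch.conf, pam_ldap.so lines in /etc/pam.d/imap, then a user lookup equivalent to the chown test) can be checked in order with a small script. This is an added example, not part of the original messages; the function names are hypothetical, and it assumes PAM lines with a simple control keyword such as `required` or `sufficient`.

```shell
#!/bin/sh
# Added example: preflight checks for the nss_ldap / pam_ldap setup
# described in the thread. Function names are hypothetical. File paths are
# arguments, so the checks can be run against copies of the real files.

# nss_has_ldap FILE DB: succeeds if the DB line (e.g. passwd) lists "ldap".
nss_has_ldap() {
    awk -v db="$2:" '
        { sub(/#.*/, "") }                          # ignore comments
        $1 == db { for (i = 2; i <= NF; i++) if ($i == "ldap") found = 1 }
        END { exit !found }
    ' "$1"
}

# pam_uses_ldap FILE TYPE: succeeds if an uncommented TYPE line (auth,
# account) loads pam_ldap.so, given as a bare name or a full path.
pam_uses_ldap() {
    awk -v type="$2" '
        { sub(/#.*/, "") }
        $1 == type && $3 ~ /(^|\/)pam_ldap\.so$/ { found = 1 }
        END { exit !found }
    ' "$1"
}

# ldap_user_resolves USER: the same NSS lookup the chown test relies on.
ldap_user_resolves() {
    getent passwd "$1" >/dev/null 2>&1
}

# preflight NSSWITCH PAMFILE USER: prints the first failing step, or "ok".
preflight() {
    nss_has_ldap "$1" passwd   || { echo "nsswitch: passwd lacks ldap"; return 1; }
    pam_uses_ldap "$2" auth    || { echo "pam: no auth pam_ldap.so line"; return 1; }
    pam_uses_ldap "$2" account || { echo "pam: no account pam_ldap.so line"; return 1; }
    ldap_user_resolves "$3"    || { echo "nss: user $3 does not resolve"; return 1; }
    echo "ok"
}
```

After sourcing the file, run `preflight /etc/nsswitch.conf /etc/pam.d/imap USER` with an account that exists only in the directory, so a local passwd entry cannot mask a broken LDAP lookup.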